Re: Fetch private gitlab repo using ssh with Yocto recipe #bitbake


Sourabh Hegde
 

Hello @Nicolas @Erik @Khem,

Update from my side:

After following some discussion from other posts, I added "config" file.

~/.ssh/config:

Host git.example.com
HostName git.example.com
User git
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_ed25519.pub
# LogLevel DEBUG3

Then I did "eval `ssh-agent -s`"

Then doing "ssh-add ~/.ssh/id_ed25519.pub" results in:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/root/.ssh/id_ed25519.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.

Whereas the permissions are set as:

ls -l -a ~/.ssh

-rw-r--r-- 1 root root  157 Jan 31 10:48 config
-rw------- 1 root root  464 Jan 20 15:26 id_ed25519
-rw-r--r-- 1 root root  109 Jan 20 15:26 id_ed25519.pub
-rw-r--r-- 1 root root  888 Jan 26 08:43 known_hosts

"ssh-agent" is running

ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-lcft54A4nriC/agent.2833; export SSH_AUTH_SOCK;
SSH_AGENT_PID=2834; export SSH_AGENT_PID;
echo Agent pid 2834;

After doing these changes, when I try to "ssh -v git.example.com" to test the connection before running bitbake, I get

OpenSSH_8.2p1 Ubuntu-4ubuntu0.4, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /root/.ssh/config
debug1: /root/.ssh/config line 1: Applying options for git.example.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to git.example.com [116.203.241.xxx] port 22.
debug1: connect to address 116.203.241.xxx port 22: Connection refused
ssh: connect to host git.example.com port 22: Connection refused

I don't understand what is the issue here.

@Nicolas Can you please let me know where and how to run below commands? Do I need to run them every time before fetching from gitlab?
  -v $SSH_AUTH_SOCK:/ssh.socket \
  -e SSH_AUTH_SOCK=/ssh.socket \

And also I already have "known_hosts" file with matching entries for key/agent pair.

Can you please let me know how to make this working?

Your help will be much appreciated.

Thanks in advance.

Join yocto@lists.yoctoproject.org to automatically receive all group messages.